JQuery :: Form Authentication - User Suddenly Logs Out Before Timeout?
Jul 12, 2010
I have set the authentication timeout and session timeout in web.config is 100 (in minutes).LoginName control shows logged in username and logout link.After 15-20 min LoginName control shows nothing and login link regardless my authentication timeout(which is 100).I can work on that page till server trip is not happen.
What is the difference between a abandon Session and a cookie timeout, what if the session is abandon and the cookie is still alive, is that can lead to a problem?
I am using asp.net mvc and jquery to make ajax requests and when the session times out after an ajax request the full sigin page gets loaded into my ajax div.
How can I display a modal popup instead of making a redirect when a session times out?
when all were under controll for a long time i suddenly receive today this error in the online page "Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached. "
We have the timeout value set to 120 in our <form> tag within the web.config. We do not have a session timeout set.. and we have various connection strings.
We are having a problem where a session variable will disappear (become NULL) .. but, the form evidently remains 'open'.. or no re-login is required..... so, my question(s):
1. what is the relationship between form timeout and session timeout
I am trying to build an ASP.NET site that allows each user to set their own session timeout value. Basically from the user's perspective if they set their timeout value to 30 then that means that after 30 minutes of inactivity they are required to re-authenticate. If they set their timeout value to 0 then that means that they can leave the browser open as long as they want and their session never expires - they never have to re-authenticate. This is different than "remember me" functionality. If they close their browser they will have to re-authenticate.
Currently I am using Forms Authentication in my application and I have one object that I am storing in ASP.NET session. This object is a custom User object that has a number of different pieces of information about the current user.
What code would I need to write so that after successful login, the system has the proper authentication ticket and the proper session expiration value? I keep thinking I have this working and then I notice weird time outs where the system seems to think I am authenticated but my session has expired.
Currently on my login page I am using an ASP.NET login control. i have custom code in the Login_Authenticate event to authorize the user. Then I have the following code in the Login_LoggedIn event to set the auth ticket.
Suddenly, IIS 7.0 is redirecting every request for the root of any domain hosted on the box to ~/Account/Logon, which is our Forms Authentication redirect. Additionally, some JavaScript and image requests are being similarly redirected, but not other aspx pages.
EDIT: It turns out that something has gone wrong with the disk permissions. Can anyone point me to the way things are supposed to be in Windows Server 2008 for a standard ASP.Net installation? The disk permissions are out of whack now.
i'm using successfully a jquery datepicker with masked input plugin too in a aspx webform. I've noticed a bug: when i insert a date by choosing it on the calendar and then i try to modify it manually, the date suddenly disappears.
I have a problem with using login controls form authentication ! as my website serves some pages for guest users(Anonymous user) and some pages are for only secure user(they must have to login for those requested pages)...... my problem is this that when i apply form authentication in web.config file to login control then visual studio directly shows only login page where i want that in general case only : guest user pages must be shown and if user clicks on login then after login the requested page he may open !
This is what I have in the RegisterUser.aspx and yet when the admin registers a new user, then on clickiing the register button, the site logs in as the user who was just created.
Nowadays having activity logs of the system is needed for history and if someone who is trying to mess your site, it is easily to define who is it and when it happen. And even Facebook have it.
how to add notification facility same as facebook in our c# website, clients get the notification on their profile whenever any new feature is aaded to website..?
I am having an issue, with the membership and form authentication. I am having a problem where when an logged in user types a url they can see the content of pages they're not suppose to. When the user tries to click on the screen or any ajax fires they are redirected to the main page. What is going on? I have all the items setup in the webconfig properly just wondering what is happening. Also I don't want to use a redirect solution for each page since that is what I thought webconfig was setup for.
Just going to start making a web application and was wondering which was better, or at least what are the main differences between them (as it probably matters what I am using them for)?
I have been using the RemotePost Class( as per http://www.jigar.net/articles/viewhtmlcontent78.aspx) to post a form to a pay provider, for about 3 months successfully, I made some changes external from the call to this class that sent an email when user presses the button to notify us that the user has selected to go through to the pay provider (similar to PayPal). and suddenly got an exception error MSCROLIB, Thread was being aborted. I have since removed the code and I still get the error it happens when I call
[Code]....
I tried the suggestion on KB article [URL]/ but the control is not past to the Pay Provider I also took the actual response that is written and posted it to a new html file added a submit button and it works. So I am no stuck. The Pay provider claims they have changed nothing, and has tried to help but says they are receiving no input from either our dev site or the live site.I also tried to step into the call but it just throughs the exception
i'm using ASP.NET membership for a silverlight application that makes use of Wcf Ria Services.
my problem is that i don't want multiple logins on the same account and i need to logout the user when he logs in on another machine. (I don't want the account to be used by many people at the same time, and the last who logs in must kick out everyone else)
I want to log out the user when he (or someone else) logs in from a diferent computer using the same user name.
Basicaly i want to prevent multiple individuals from staying loged in under a single user name by signing out the previous users. Any ideeas about how i can acomplish that ?
I was wondering when a user logs in using the login control for ASP.NET, how do we choose where the user goes after? Do we configure this in the web.config file?